Mysterious Gmail account lockouts prompt hack fears

Something happening here, what it is ain't exactly clear

Updated A substantial number of Gmail users have been affected by a potential but unconfirmed hack of unknown origin or purpose.

El Reg learnt of the issue following a tip from a self-described "very security conscious" IT professional who got locked out of his Gmail account. This happened after one of his security phone numbers was changed.

Apparently others have suffered somewhat similar problems and have posted their experiences to Reddit and elsewhere. Users are receiving messages saying that their account has been changed, and asking them to re-sign into Google on their mobile. It's not clear if some sort of glitch or a hack is to blame.

This is more a case of being bounced out of accounts than being locked out as such.

In response to a thread on one of its official forums, Google said it was investigating the issue while downplaying concerns.

We've gotten reports about some users being signed out of their accounts, unexpectedly. We're investigating, but not to worry: there is no indication that this is connected to any phishing or account security threats.

In a Twitter update, Google said: "We know some of you had issues signing in today. Please try again now. Rest easy – your account's security was not affected."

El Reg requested comment directly from Google on Friday morning but we're yet to hear back. While we've been waiting for a response, we've canvassed security folks through Twitter, two of whom have said they've been been asked to reauthenticate themselves and log back into their Google accounts. ®

Updated to add

Google staff, speaking to The Register, claim this week's mysterious account login hiccup is unconnected to the Cloudflare session token leak, although would not elaborate further.